Skip to main content
Feature ID: PF-82 Status: ✅ Implemented Spec: PF-82-business-process-registry.md Last Updated: 2026-03-16

Overview

PF-82 (Business Process Registry) provides a centralized, auto-discovered catalog of business processes that aggregate automation rules (fw_automation_rules) and workflow definitions (fw_workflow_definitions) per organization. It calculates composite health scores, surfaces execution metrics, and publishes health-change events consumed by notifications and the system health dashboard.

Integration Points (from Spec)


Cross-Core Data Access

PF-82 reads from FW core tables (fw_automation_rules, fw_automation_logs, fw_workflow_definitions, fw_workflow_instances) via PF-owned SECURITY DEFINER functions (pf_discover_business_processes, pf_refresh_process_health). These functions run with SET search_path = public to prevent search-path injection.
Architecture note: Direct cross-core table reads are normally prohibited by constitution §1. PF-82 mitigates this by routing all FW data access through SECURITY DEFINER database functions owned by the PF core, which is consistent with the pattern used by other platform-level health and observability features (e.g., PF-36, PF-52). No PF React code imports FW modules directly.

Event Contracts

process_health_changed

Publisher: pf_refresh_process_health() (pg_cron every 5 min + Database Webhook on fw_automation_logs INSERT) Subscribers: PF-10 (Notifications), PF-36 (System Health Dashboard) Delivery: pg_notify('process_health_refresh', ...) → Database Webhook → Edge Function → PF-10

process_discovered

Publisher: pf_discover_business_processes() (pg_cron daily + on-demand Edge Function) Subscribers: PF-04 (Audit Logging)

Consumers of PF-82


Edge Functions


Tenant Isolation

All pf_business_processes and pf_process_execution_snapshots rows are scoped to organization_id. RLS policies enforce tenant isolation using existing platform helpers pf_has_org_access() and pf_is_platform_admin() (both SECURITY DEFINER).

Permission Keys (PF-30)